X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=gateway.c;h=e28ebb331719bc05f834da945ccbffcda48595de;hp=66ec64ae469816befaf80adf2e11269745079eeb;hb=85817cc55b9;hpb=900f06d038b3879e4e254b4517b0b6f6ffdb17e4 diff --git a/gateway.c b/gateway.c index 66ec64ae..e28ebb33 100644 --- a/gateway.c +++ b/gateway.c @@ -6,7 +6,7 @@ * using a "forwarder" (i.e. HTTP proxy and/or a SOCKS4 * or SOCKS5 proxy). * - * Copyright : Written by and Copyright (C) 2001-2017 the + * Copyright : Written by and Copyright (C) 2001-2020 the * Privoxy team. https://www.privoxy.org/ * * Based on the Internet Junkbuster originally written @@ -231,6 +231,8 @@ void remember_connection(const struct reusable_connection *connection) assert(reusable_connection[slot].gateway_host == NULL); assert(reusable_connection[slot].gateway_port == 0); + assert(reusable_connection[slot].auth_username == NULL); + assert(reusable_connection[slot].auth_password == NULL); assert(reusable_connection[slot].forwarder_type == SOCKS_NONE); assert(reusable_connection[slot].forward_host == NULL); assert(reusable_connection[slot].forward_port == 0); @@ -245,6 +247,22 @@ void remember_connection(const struct reusable_connection *connection) reusable_connection[slot].gateway_host = NULL; } reusable_connection[slot].gateway_port = connection->gateway_port; + if (NULL != connection->auth_username) + { + reusable_connection[slot].auth_username = strdup_or_die(connection->auth_username); + } + else + { + reusable_connection[slot].auth_username = NULL; + } + if (NULL != connection->auth_password) + { + reusable_connection[slot].auth_password = strdup_or_die(connection->auth_password); + } + else + { + reusable_connection[slot].auth_password = NULL; + } if (NULL != connection->forward_host) { @@ -338,6 +356,26 @@ void forget_connection(jb_socket sfd) #ifdef FEATURE_CONNECTION_KEEP_ALIVE +/********************************************************************* + * + * Function : string_or_none + * + * Description : Returns a given string or "none" if a NULL pointer + * is given. + * Helper function for connection_destination_matches(). + * + * Parameters : + * 1 : string = The string to check. + * + * Returns : The string if non-NULL, "none" otherwise. + * + *********************************************************************/ +static const char *string_or_none(const char *string) +{ + return(string != NULL ? string : "none"); +} + + /********************************************************************* * * Function : connection_detail_matches @@ -406,8 +444,8 @@ int connection_destination_matches(const struct reusable_connection *connection, { log_error(LOG_LEVEL_CONNECT, "Gateway mismatch. Previous gateway: %s. Current gateway: %s", - connection->gateway_host != NULL ? connection->gateway_host : "none", - fwd->gateway_host != NULL ? fwd->gateway_host : "none"); + string_or_none(connection->gateway_host), + string_or_none(fwd->gateway_host)); return FALSE; } @@ -415,8 +453,8 @@ int connection_destination_matches(const struct reusable_connection *connection, { log_error(LOG_LEVEL_CONNECT, "Socks user name mismatch. " "Previous user name: %s. Current user name: %s", - connection->auth_username != NULL ? connection->auth_username : "none", - fwd->auth_username != NULL ? fwd->auth_username : "none"); + string_or_none(connection->auth_username), + string_or_none(fwd->auth_username)); return FALSE; } @@ -424,8 +462,8 @@ int connection_destination_matches(const struct reusable_connection *connection, { log_error(LOG_LEVEL_CONNECT, "Socks user name mismatch. " "Previous password: %s. Current password: %s", - connection->auth_password != NULL ? connection->auth_password : "none", - fwd->auth_password != NULL ? fwd->auth_password : "none"); + string_or_none(connection->auth_password), + string_or_none(fwd->auth_password)); return FALSE; } @@ -433,8 +471,8 @@ int connection_destination_matches(const struct reusable_connection *connection, { log_error(LOG_LEVEL_CONNECT, "Forwarding proxy mismatch. Previous proxy: %s. Current proxy: %s", - connection->forward_host != NULL ? connection->forward_host : "none", - fwd->forward_host != NULL ? fwd->forward_host : "none"); + string_or_none(connection->forward_host), + string_or_none(fwd->forward_host)); return FALSE; } @@ -1142,11 +1180,20 @@ static jb_socket socks5_connect(const struct forward_spec *fwd, if (!err && (sbuf[1] == '\x02')) { - /* check cbuf overflow */ - size_t auth_len = strlen(fwd->auth_username) + strlen(fwd->auth_password) + 3; - if (auth_len > sizeof(cbuf)) + if (fwd->auth_username && fwd->auth_password) + { + /* check cbuf overflow */ + size_t auth_len = strlen(fwd->auth_username) + strlen(fwd->auth_password) + 3; + if (auth_len > sizeof(cbuf)) + { + errstr = "SOCKS5 username and/or password too long"; + err = 1; + } + } + else { - errstr = "SOCKS5 username and/or password too long"; + errstr = "SOCKS5 server requested authentication while " + "no credentials are configured"; err = 1; } @@ -1208,7 +1255,7 @@ static jb_socket socks5_connect(const struct forward_spec *fwd, cbuf[client_pos++] = (char)(hostlen & 0xffu); assert(sizeof(cbuf) - client_pos > (size_t)255); /* Using strncpy because we really want the nul byte padding. */ - strncpy(cbuf + client_pos, target_host, sizeof(cbuf) - client_pos); + strncpy(cbuf + client_pos, target_host, sizeof(cbuf) - client_pos - 1); client_pos += (hostlen & 0xffu); cbuf[client_pos++] = (char)((target_port >> 8) & 0xff); cbuf[client_pos++] = (char)((target_port ) & 0xff);